The federally run health insurance marketplace has been hit with a data breach impacting 75,000 individuals, the Centers for Medicare & Medicaid Services (CMS) disclosed on Friday.
CMS detected suspicious activity on the federal exchange's direct enrollment pathway for agents and brokers earlier in the week. The direct enrollment pathway allows agents to assist consumers with getting healthcare coverage through the federal exchange.
As of Friday evening, CMS reported that the files of 75,000 individuals had been accessed. The agency called the breach "unacceptable" but noted that it was a "small fraction of consumer records."
“Our No. 1 priority is the safety and security of the Americans we serve. We will continue to work around the clock to help those potentially impacted and ensure the protection of consumer information,” CMS Administrator Seema Verma said in a statement.
“I want to make clear to the public that HealthCare.gov and the Marketplace Call Center are still available, and open enrollment will not be negatively impacted. We are working to identify the individuals potentially impacted as quickly as possible so that we can notify them and provide resources such as credit protection.”
Suspicious activity was first identified on Oct. 13 and the breach was declared on Oct. 16. Agent and broker accounts impacted by the attack were deactivated and the direct enrollment pathway was disabled. CMS said it was working to restore the pathway within the next seven days.
HealthCare.gov and the Marketplace Call Center remain operational, according to CMS. The federal exchange is used by more than three dozen states.
This is a breaking story. We will update when more details become available.